<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Picture extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
    }

    public function show()
    {
        $this->load->library('image');
        $filename   = $this->uri->segment(3);
        $parts      = pathinfo($filename);
        if(!isset($parts['filename']))
        {
            show_404();
            exit;
        }
        $hash_file  = preg_replace('/[^0-9a-zA-Z]+/i', '', trim($parts['filename']));
        if(strlen($hash_file)!=32)
        {
            show_404();
            exit;
        }

        $base_dir   = FCPATH . 'uploads/';
        $file_dir   = implode('/',str_split(substr($hash_file, 0, 15), 5)).'/'.$filename;
        $file_path  = $base_dir . $file_dir;

        if(!file_exists($file_path))
        {
            show_404();
            exit;
        }

        $size     = $this->input->get('size');
        if(empty($size))
        {
            show_404();
            exit;
        }

        $arr       = explode('x', $size);
        if(count($arr) < 2)
        {
            show_404('size parm error!');
            exit;
        }

        list($width, $height) = $arr;

        if(!in_array($width, $this->image->allowSize['width']))
        {
            show_404('file not width');
            exit;
        }

        if(!in_array($height, $this->image->allowSize['high']))
        {
            show_404('file not height');
            exit;
        }

        $this->image->show($file_path, $width, $height);
    }
}